Directory access permissions

[Chris Ditri]

I think what fredrico says is good advice.

I have one more suggestion.

Make the users primary group the same, if possible.

So if you have user: Bob
#groups bob
(output is:) bob : bob accounting

This is not ideal, because any file made by him will have the group bob.

if you do this
# usermod -g accounting bob
# groups bob
bob : accounting

Bob doesn't really need to be a member of group bob, cuz he can already 
open his own files.  BUT now, when he creates a file it takes the group of 
accounting.  This way anyone in accounting will be able to get to that 
file/directory (assuming you have an appropriate "create mask" and 
"directory mask" as Fredrico indicated).

This is a way of relying upon the inherent permission of the *nix file 
system, rather than those offered in Samba.

To use samba perms check out smb.conf options like: "valid users" "read 
list" "write list" etc.

Hope it helps,

Chris



bob At 12:14 PM 5/29/2001 -0700, you wrote:
>We are using SAMBA 2.0.7 on Solaris 7 for mounting on NT 4.0
>workstations.  The desirable permissions for the new directories and
>files are 775.  I have set the "umask" to 002 and I am getting the
>desired permissions on the files created by the users from the NT
>boxes.  The problem I am having is when a user creates a folder form the
>workstations.   The permissions on the folders are 755 but the files
>inside the folder have the correct permission (775).  If the same user
>creates a directory in the SAMBA shared folder by connecting to the
>Solaris server using TELNET, directory and file permissions are
>correct.  Any idea?
>
>
>
>Pete
>--
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba